Day: October 29, 2018

SSD Advisory – Chrome AppCache Subsystem SBX by utilizing a Use After Free

1 Comment / Vulnerability publication / By

Vulnerabilities Summary The vulnerability exists in the AppCache subsystem in Chrome Versions 69.0 and before. This code is located in the privileged browser process outside of the sandbox. The renderer interacts with this subsystem by sending IPC messages from the renderer to the browser process. These messages can cause the browser to make network requests, …

SSD Advisory – Chrome AppCache Subsystem SBX by utilizing a Use After Free Read More »

SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE

1 Comment / Vulnerability publication / By

Vulnerabilities Summary The following advisory discusses a vulnerability found in turbofan, the JIT compiler. We can trigger the JavaScript code in a way that leads to type confusion that can be exploited in order to execute code remotely on Google Chrome Versions 69.0 and before. Vendor Response Vendor has fixed the issue in Google Chrome …

SSD Advisory – Chrome Type Confusion in JSCreateObject Operation to RCE Read More »

Get in touch

Any questions? Interested in our services? 

We’d love to hear from you

Contact US
Facebook Twitter Youtube Linkedin

?

HOME
THE
COMMUNITY
SCOPE
ADVISORIES
SUBMIT
CONTACT

?

Get in touch